Solved: Re: FTD FMC 2110 VPN ASA second factor authentication

Amafsha1 · ‎11-16-2018

Hello folks,

I want to buy the new 2110 ASA VPN and put FTD image on it.

It says the following under the link for creating remote access VPN

https://www.cisco.com/c/en/us/td/docs/security/firepower/622/configuration/guide/fpmc-config-guide-v622/firepower_threat_defense_remote_access_vpns.pdf

It says "Secondary or double authentication is not supported".... does this mean that I can't implement DUO for our users to do 2 factor auth?

Abheesh Kumar · ‎11-16-2018

As of now NOT SUPPORTED.

HTH

Abheesh

View solution in original post

Abheesh Kumar · ‎11-16-2018

Hi,
You can opt for AAA + Certificate authentication, as of now Multi factor authentication like OTP, PUSH applications are not supported in FTD.
You can do multifactor authentication with the help of ISE. You can integrate your MFA server with ISE and then add ISE as a AAA server in FTD. So you can achieve the MFA functionality.

HTH
Abheesh

Amafsha1 · ‎11-16-2018

Thank you sir. so DUO is not supported?

Abheesh Kumar · ‎11-16-2018

As of now NOT SUPPORTED.

HTH

Abheesh

zeeshan.ah · ‎05-01-2019

Hi, just checking if this option is available now? And has any one tried 2 FA on FMC using RSA and ISE?